yonggekkk

yonggekkk/Cloudflare-vless-trojan

JavaScript Security

CF-workers/pages代理脚本:支持Vless-ws(tls)、Trojan-ws(tls);Socks5/http本地代理脚本:可选ECH-TLS、普通TLS、无TLS三种代理模式

15.5k stars
9.6k forks
recent
GitHub +45 / week

15.5k

Stars

9.6k

Forks

0

Open issues

3

Contributors

serv00 12 Dec 2024

AI Analysis

This project provides Cloudflare Workers/Pages proxy scripts supporting Vless and Trojan protocols over WebSocket with TLS, plus a local Socks5/HTTP proxy script with optional ECH-TLS encryption. It is purpose-built for users seeking free, censorship-resistant proxy solutions leveraging Cloudflare's infrastructure, primarily benefiting individuals in restrictive network environments; it is not a general-purpose networking library.

Security Security Tool Discovery value: 4/10
Documentation 7/10
Activity 9/10
Community 9/10
Code quality 5/10

Inferred from signals mentioned in the README (tests, CI, type safety) — not a review of the actual code.

Overall score 7/10

AI's overall editorial judgment — not an average of the bars above, can weigh other factors too.

proxy cloudflare-workers circumvention vless-trojan socks5
Actively maintained Popular Niche/specialized use case Beginner friendly Production ready
Deep Analysis · Based on README and public signals
3w ago

Cloudflare Workers/Pages proxy script enabling VLESS and Trojan tunneling for users in censored network environments

This project provides JavaScript scripts deployable on Cloudflare Workers and Pages to create VLESS+WS and Trojan+WS proxy nodes, primarily serving users in mainland China seeking to circumvent internet censorship. It also includes a local Socks5/HTTP proxy client with ECH-TLS, standard TLS, and no-TLS modes. The target audience is technically semi-capable individuals who want a zero-cost, self-hosted circumvention solution using Cloudflare's free tier. With 15,400+ stars and 9,500+ forks, it has substantial community traction in the Chinese-speaking censorship-circumvention ecosystem.

Origin

Created in July 2023 during a period of intensified GFW blocking of common VPN protocols. It builds on earlier CF-worker proxy concepts popularized by the Chinese open-source community, extending them with Trojan support, ECH obfuscation, and local proxy scripting.

Growth

Growth appears driven by periodic GFW crackdowns that push users toward Cloudflare-based solutions, active YouTube tutorials and Telegram community by the author, word-of-mouth in Chinese tech communities, and the zero-cost deployment model. The high fork count (9,520) relative to stars suggests many users maintain private customized deployments. Recent 67 stars in 7 days indicates steady, ongoing demand rather than a viral spike.

In production

Direct production adoption evidence is limited to GitHub metrics (15,408 stars, 9,520 forks) and a Telegram group linked in the README. No enterprise or institutional usage is claimed or expected. The high fork count strongly suggests widespread personal deployment. YouTube tutorials by the author appear to have active viewership based on README references, but view counts are not independently verifiable here. Adoption appears concentrated among individual users in mainland China and the Chinese diaspora.

Code analysis
Architecture

Likely a single-file or small-file JavaScript Worker script that handles WebSocket upgrades to proxy VLESS and Trojan protocols. Appears to use Cloudflare's native fetch and WebSocket APIs. The local component (cfsh.sh) is a shell/Docker-based Socks5/HTTP proxy that connects to the CF worker endpoint. ECH support is likely delegated to Cloudflare's CDN infrastructure rather than implemented from scratch.

Tests

not documented in README

Maintenance

Last push was 2026-06-19, three days before the evaluation date, indicating very active maintenance. The README references a versioned release (25.5.4) and multiple recent YouTube tutorials dated through 2025, suggesting the author actively responds to blocking changes and platform updates. Maintenance cadence appears high relative to the project's operational requirements.

Honest verdict

ADOPT IF: you are a technically semi-capable user in a censored network environment seeking a zero-cost, self-hosted Cloudflare-based proxy with beginner-friendly setup and active maintenance. AVOID IF: you need enterprise-grade reliability, formal security audits, or operate in a legal jurisdiction where circumvention tools carry significant legal risk — the project carries no license and no liability guarantees. MONITOR IF: Cloudflare changes its Workers/Pages policies regarding proxy abuse, or if GFW begins effectively blocking ECH-based CF traffic, which would require rapid script updates.

Independent dimensions

Mainstream potential

2/10

Technical importance

5/10

Adoption evidence

6/10

Risks
  • Cloudflare's Terms of Service explicitly prohibit using Workers as proxies for circumvention purposes; accounts may be suspended without warning, breaking all deployed nodes.
  • No stated software license creates ambiguity around redistribution, modification rights, and long-term project continuity if the author becomes unavailable.
  • Default shared UUIDs and passwords documented in the README ('万人骑' — 'shared by thousands') present serious security risks for users who do not change them, potentially exposing traffic to third parties.
  • GFW detection and blocking of Cloudflare-based traffic patterns is an ongoing arms race; the project may become ineffective during blocking waves before updates are released.
  • Dependency on third-party ProxyIP providers (referenced in README) for accessing CF-hosted sites means users inherit reliability and privacy risks from those external services.
Prediction

The project will likely remain actively maintained as long as CF Workers remains accessible and the author continues community engagement. It will continue serving as a reference implementation for the Chinese circumvention community, with periodic updates in response to GFW changes. Mainstream expansion beyond the Chinese-language censorship-circumvention niche appears unlikely.

0 found this helpful

Newsletter

Get analyses like this every Monday

Free weekly digest of the most interesting open-source discoveries.

Languages

JavaScript
90.9%
Shell
5.9%
Python
2.9%
Batchfile
0.3%

Information

Language
JavaScript
Last updated
2w ago
Created
36mo ago
Analyzed with
anthropic/claude-haiku-4-5

Stars over time

Loading…

Contributors over time

Top 100 contributors only — repos with more will plateau at 100.

Loading…

Open issues

No open issues — clean slate.

Open pull requests

No open pull requests.

Similar repos

cmliu

cmliu/WorkerVless2sub

WorkerVless2sub is a subscription generator that automatically creates...

6k JavaScript DevOps
1234567Yang

1234567Yang/cf-proxy-ex

Cloudflare Proxy EX is a serverless proxy built on Cloudflare Workers that...

1.8k JavaScript Security
byJoey

byJoey/cfnew

CFnew is a Cloudflare Workers/Pages-based proxy solution supporting multiple...

14.4k DevOps
Epodonios

Epodonios/v2ray-configs

This repository provides thousands of free V2Ray proxy configuration files...

3.1k Python Security
fscarmen

fscarmen/ArgoX

ArgoX is a one-click deployment script for setting up Xray proxy servers...

1.9k Shell DevOps
vs. alternatives
cmliu/WorkerVless2sub

Focuses on subscription management and node aggregation for CF Workers VLESS; complementary rather than competing — yonggekkk's project emphasizes self-contained local deployment without external subscription services.

mack-a/v2ray-agent

Broader VPS-based multi-protocol installation script with 21k stars; requires a paid VPS, making yonggekkk's CF free-tier approach more accessible to zero-budget users but less flexible for advanced configurations.

byJoey/cfnew

Similar CF-based proxy project with 14k stars; both target the same audience and use case, representing direct community competition. Differentiation likely comes down to feature set, update frequency, and community trust.

zizifn/edgetunnel

Another well-known CF Workers VLESS script; yonggekkk's project differentiates by adding Trojan support, ECH mode, local Socks5/HTTP proxy client, and extensive beginner-oriented documentation.

awesome-vpn/awesome-vpn

A curated list/aggregator rather than a deployable tool; different category but serves the same information-seeking audience in censorship-circumvention communities.